BYOD is being deployed as CISOs name malware as main mobile threat

According to Symantec's 2012 State of Mobility Survey, which polled 6,275 organisations in 43 countries, 71 per cent of respondents are discussing custom mobile applications, while one-third are currently implementing, or have already implemented, them.

CJ Desai, senior vice-president of the endpoint and mobility group at Symantec, said: “We are impressed by the pace of mobile application adoption within organisations. This cultural change from refusing mobile devices not long ago to actively distributing and developing them has introduced a new set of challenges and complexities for IT staff.

“Encouragingly, from a security perspective, a majority of organisations are thinking beyond the simple case of lost or stolen mobile phones.”

The survey also found that 70 per cent of respondents expect smartphones and tablets currently in use to increase employee productivity, and 77 per cent had already seen productivity gains after implementation.

However, three-quarters of organisations said maintaining a high level of security is a top business objective around mobility, with 41 per cent identifying mobile devices as one of the top three IT risks due to loss and theft, data leakage, unauthorised access to corporate resources and the spread of malware infections from mobile devices to the company network.

Greg Day, EMEA security CTO and director of strategy at Symantec, said: “Interestingly, the number-one risk [identified] globally for mobile devices was malware; I didn't expect that because the volume we see is infinitesimal compared with PC malware, but my view is that there has been enough inkling of incidents for businesses to look and say ‘what is going on?'.

“In EMEA the number-one concern was in preventing unauthorised network access, or application access from smart devices. Second was lost or stolen devices; one CISO told me that when the iPad 3 comes out, he expects an increase in lost devices.”

Day added that half of CISOs were involved in an ongoing bring-your-own-device (BYOD) project, while getting control of data was also high on their agenda. The survey mentioned that there was an overall reduction in the support of personal devices and in complete social media access.

“The main topic of conversation is BYOD – support or don't support – and what I heard more than anything else was liability, not to the business but to the user. So if I try to manage this device and lock it down, who do they hold accountable for it? I cannot inspect their personal data, there is liability in supporting the user for everything, so I become a more broader point of support,” he said.

SC Media UK arms cyber-security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.